Privacy Information for Shipment recipients pursuant to Art. 13 and 14 GDPR

We, GO! Express & Logistics Deutschland GmbH, take the protection of personal data and the confidential handling thereof very seriously. We therefore hereby inform you about the processing of your personal data in the context of the provision of delivery services for our customers and partners as well as the rights to which you are entitled. The processing of your personal data is carried out exclusively within the applicable statutory provisions of data protection law, in particular the Postal Act ("PostG"), the General Data Protection Regulation ("GDPR") and the Federal Data Protection Act ("BDSG").

 

1. Name and Contact Details of the Controller

GO! Express & Logistics Deutschland GmbH

Brühler Straße 9

53119 Bonn

Deutschland

Phone: +49 228 24393-0

Telefax: +49 228 24393-590

info@general-overnight.com

www.general-overnight.com

 

2. Contact Details of the Data Protection Officer

Mr. Attorney Boris Reibach

Scheja & Partners GmbH & Co. KG

Adenauerallee 136

53113 Bonn

Deutschland

Phone: (+49) 0228-227 226 0

https://www.scheja-partners.de/kontakt/kontakt.html

www.scheja-partners.de

3. Information on Processed Data Categories

In the context of the business relationship with our customers, we process the following categories of personal data relating to you:

  • Master data, such as your name, address, and the type of postal service used
  • Delivery data, such as delivery instructions, your signature as proof of receipt, and shipment information if applicable
  • Contact details, such as your telephone number or email address to support the delivery process, insofar as these were provided by the sender
  • Billing data, such as prepaid or unpaid freight charges and cash-on-delivery amounts
  • Identity verification data, such as the validity date and number of your identity card, passport, driver's licence or residence permit (official identification documents)

 

4. Information on Relevant Processing Purposes

4.1 Data Processing for the Purpose of Delivery, Return, or Billing

We process your personal data listed in section 3 for the purpose of delivering or returning a postal item or for billing purposes.

This data processing is based on Sections 68(3) and 70 PostG.

We delete the data when it is no longer required for the purposes of delivery, return of a postal item, or billing and no other legal grounds, in particular statutory or contractual retention periods, apply. Deletion generally occurs after ten years pursuant to Section 257 of the German Commercial Code (HGB) and Section 147 of the German Fiscal Code (AO).

 

4.2 Data Processing for Proof Purposes

We process your identity verification data listed in section 3 for the purpose of ensuring proper execution of postal services. Under Section 69(1) PostG, we are authorised to request identification from people involved in postal traffic if necessary.

This data processing is based on Section 69(1) PostG.

We also store identity verification data if necessary to later prove the proper execution of postal services and if there is a special interest in securing evidence.

This data processing is based on Section 69(2) PostG.

We use this data exclusively for these purposes. The identity verification data is not used in a way that allows retrieval of personal data from files or linking of files.

We delete the identity verification data no later than six months after expiry of statutory and contractual limitation periods in accordance with Section 69(4) PostG.

 

4.3 Compliance with Legal Obligations

We may also process your personal data to fulfil legal obligations arising, for example, from commercial, tax, financial or criminal law or from the formal service of documents under procedural rules. The purposes of processing arise from the respective legal obligations.

Processing is based on Art. 6(1)(c) GDPR in conjunction with the relevant provisions establishing such obligations. For example, where we are required to retain data for commercial or tax reasons, processing is based on Art. 6(1)(c) GDPR in conjunction with Section 257 HGB and Section 147 AO.

We delete your data once the legal obligation no longer applies, provided no other legal basis applies.

 

5. Sources of Personal Data in Case of Third‑Party Collection

We receive your master data from our customers who commission us with the delivery or return of a postal item.

Identity verification data and delivery data attributable to you are collected directly from you or in direct connection with delivery.

 

6. Automated Decision-Making or Profiling

We do not use automated decision-making or profiling pursuant to Art. 22 GDPR.

 

7. Recipients or Categories of Recipients

Internal recipients:

Only those departments and employees who require your personal data to fulfil their tasks have access to it.

External recipients:

  • Processors, such as IT service providers. All processors are carefully selected and regularly monitored.
  • Contracted companies, such as additional delivery partners. These companies have access only to the data necessary for performing their assignment.
  • Public authorities, such as prosecutors, courts, or tax authorities, if legally required.
  • Private entities, specifically the customers who commissioned the service, to whom we disclose delivery data as proof of proper performance of postal services.

 

8. Data Processing in Third Countries

A transfer of your personal data to third countries may occur if a cross-border shipment is involved. In addition, we use service providers for IT services and IT infrastructure whose registered office is located outside the EU/EEA. Except in cases permitted by law, we ensure before any transfer that an adequate level of data protection exists at the recipient or appropriate safeguards are in place.

You may request an overview of recipients in third countries and copies of applicable safeguards using the contact details listed in section 1.

 

9. Rights of Data Subjects

You have the following rights:

  • To request confirmation as to whether we process personal data concerning you; if so, you have the right to access this data.
  • To request rectification of inaccurate or incomplete personal data concerning you.
  • To request erasure of your personal data under the conditions of Art. 17 GDPR.
  • To request restriction of processing under Art. 18 GDPR.
  • To receive personal data concerning you in a structured, commonly used, machine-readable format or to transmit it to another controller (data portability).
  • To withdraw consent at any time with effect for the future (withdrawal of consent).

Right to Object

Individual Right to Object

You have the right, for reasons arising from your particular situation to object at any time to the processing of personal data concerning you that is based on Art. 6(1)(e) or (f) GDPR, including profiling.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defence of legal claims.

To exercise your rights, please use the contact details provided in section 1.

 

Supervisory Authority for Postal Services

Federal Commissioner for Data Protection and Freedom of Information (BfDI)

Graurheindorfer Str. 153

53117 Bonn

Phone: +49 (0)228 997799-0

E-Mail: poststelle@bfdi.bund.de

De-Mail: poststelle@bfdi.de-mail.de